It is known to transmit medical, physiological, or operational data obtained from a cardiac pacemaker or defibrillator to a central service center to analyze the data, and to provide it to an attending physician via a corresponding user interface.
Some functions of such implants are controlled by software or firmware and are therefore programmable. It frequently happens that after initial programming shortly before, during, or after the implantation, further programming or reprogramming is desirable to be able to adjust the implant to current health states of a patient, which have possibly changed in the meantime, or to increase the performance capability of the implant in another manner. Programming or reprogramming of this type frequently occurs by a physician's use of a short-range wireless data connection to a particular implant with the aid of a programming device and programs the implant in consideration of the patient.
However, programming or reprogramming of the implant may also fundamentally be performed remotely, for example, via the central service center. A data link may be produced for this purpose between the service center and a patient intermediate device, which is typically located in proximity to a patient and may produce a bidirectional data link between the implant and the patient intermediate device. The connection between service center and patient intermediate device may be implemented as a separate wireless connection, for example, via the telephone network, the Internet, or similar data lines.
The problem exists in this case of ensuring that the particular implant and/or the patient intermediate device is not reprogrammed as a result of an erroneous data transmission or even by misuse.
To solve this problem, encrypting and/or verifying programming instructions for the programming or reprogramming of an implant using a public-key encryption method, such as PGP, is provided according to U.S. Pat. No. 6,442,432.